b6bf555f46e845b3903a09cf959fa125_JaffaCakes118

General

Target

b6bf555f46e845b3903a09cf959fa125_JaffaCakes118
Size

114KB
MD5

b6bf555f46e845b3903a09cf959fa125
SHA1

e4922e77489321f4765f76211e917d625f1f8f10
SHA256

1892ff136cbae4798412d192e0b3f01e42799f6528408d98848e32af682ed5c6
SHA512

c67585a9755f2e00db7e3f2ea15bec370c78b6d9f1dd8c4c4ead8822333c4de0fa845014a56b7699992466b08242458dd14534ba929aafde91f5f1c406f262a8
SSDEEP

3072:A91wCBi5NWJdH7Kh/9XjdLzNKMUsFuUkxngk:Aiwz7KhrN51FuUkx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b6bf555f46e845b3903a09cf959fa125_JaffaCakes118

Files

b6bf555f46e845b3903a09cf959fa125_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d48247740926b33f1d7ac604c9dc459b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetACP
SetCurrentDirectoryA
GetWindowsDirectoryA
CopyFileA
MulDiv
GetThreadLocale
GetCurrentThreadId
QueryPerformanceCounter
GetConsoleOutputCP
RemoveDirectoryA
GetTickCount
lstrcmpiW
IsDebuggerPresent
GetCurrentProcessId
lstrcmpA
GlobalFindAtomA
lstrlenA
GlobalFindAtomW
GetCurrentThread
GetCommandLineA
lstrcmpiA
GetCommandLineW
DeleteFileW
GetModuleHandleW
DeleteFileA
GetUserDefaultLangID
GetModuleHandleA
GetOEMCP
GetCurrentProcess
GetStartupInfoA
lstrlenW
GetProcessHeap
GetDriveTypeA
GetVersion
VirtualAlloc
VirtualFree
RemoveDirectoryW

gdi32

DeleteDC
SetTextColor
GetObjectA
LineTo
GetPixel
RestoreDC
CreateCompatibleDC
SelectObject
RectVisible
CreatePen
SaveDC
CreatePalette
GetClipBox
GetDeviceCaps
CreateFontIndirectA
SetTextAlign
GetStockObject
GetTextMetricsA
CreateSolidBrush
PatBlt
SetMapMode
SetStretchBltMode
DeleteObject
SelectPalette
SetPixel

user32

TranslateMessage
CharNextA
GetSystemMetrics
GetDesktopWindow
GetParent

glu32

gluQuadricCallback

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 79KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d48247740926b33f1d7ac604c9dc459b

Headers

File Characteristics

Imports

kernel32

gdi32

user32

glu32

Sections

.text Size: 13KB - Virtual size: 13KB

.rdata Size: 7KB - Virtual size: 7KB

.data Size: 79KB - Virtual size: 78KB

.rsrc Size: 13KB - Virtual size: 12KB

.text
Size: 13KB - Virtual size: 13KB

.rdata
Size: 7KB - Virtual size: 7KB

.data
Size: 79KB - Virtual size: 78KB

.rsrc
Size: 13KB - Virtual size: 12KB